Re: Google search behind most phishing sites

germaine wrote:

Three-quarters of phishing sites are built on hacked servers that
have been tracked down using pre-programmed Google search terms,
according to research from brand-protection firm MarkMonitor.

I wouldn't say that puts Google "behind most phishing sites".
There's a lot of legitimate reasons to dislike Google, but they are
after all just a cataloging service. It's not up to them to examine
every bit of data they accumulate to see if it's "legitimate" If
they did that, they'd have to automatically discard about 75% of
the content found out along the information dirt road. ;)

No, aside from some very specific types of content, it's not
Google's place or responsibility to censor. Buyer beware and all

Among other activities, MarkMonitor tracks phishing attacks that
target brand names.

Researchers compiled a list of 750 Google search terms that are
used to track down websites likely to have easily exploitable
vulnerabilities - mostly PHP-based sites.

The responsibility for that lies almost entirely on the shoulders of
the individual site administrators who don't do their jobs. If
there's a vulnerability you fix/patch it. If you can't do that, you
remove the offending software and replace it with something else.
Google can't be held responsible because web sites report version
strings and such. Here again, if that's an issue then the
administrators of htose sites need to address it. Every site I
manage for instance, reports absolutely nothing but "Apache" when
queried. No PHP version this, or mod that. That makes me immune to
this sort of Google reconnaissance.

Google has already made moves to block automated exploitation of
the "dorks", but they can still be used manually.

In my opinion they're setting themselves up for liability. If they
even try to manage this problem any failures in whatever they do
could be viewed as negligence.

The websites exploited tend to be small, local PHP-based sites,
which are less likely to have the latest patches installed, and
are invaded via one of more than 1,800 known PHP bugs,
MarkMonitor said.

Exactly! These are KNOWN bugs. How many of those 1,800 are still
vulnerabilities on servers where the administrators just keep up
with routine maintenance? Almost none I'd wager, given the timely
manner in which such things are addressed by the OSS community.